There are many online services available to users, including banking, shopping, etc. When a user inputs a domain name for a service in a web browser, the user's computer can generate a request for the domain name and send the request to a Domain Name System (DNS), which provides an Internet Protocol (IP) address to the user's computer. The user's computer can then locate the service using the IP address and load the service into the user's web browser.
The DNS is a hierarchical distributed naming system for computers, services, or any resource connected to the Internet or a private network. The DNS associates information with domain names assigned to each of the participating entities. A Domain Name Service translates queries for domain names (host names), which are easier to understand and utilize when accessing the internet, into IP addresses for the purpose of locating computer services and devices worldwide. For example, the domain name www.example.com translates to the IP addresses 192.0.43.10 (IPv4) and 2620:0:2d0:200::10 (IPv6).
The DNS makes it possible to assign domain names to groups of Internet resources and users in a meaningful way, independent of each entity's physical location. Because of this, World Wide Web (WWW) hyperlinks and Internet contact information can remain consistent and constant even if the current Internet routing arrangements change or the participant uses a mobile device. Moreover, Internet domain names are easier to remember than IP addresses such as 208.77.188.166 (IPv4) or 2001:db8:1f70::999:de8:7648:6e8 (IPv6). Users take advantage of this when they recite meaningful Uniform Resource Locators (URLs) and e-mail addresses without having to know how the computer actually locates them.
The DNS distributes the responsibility of assigning domain names and mapping those names to IP addresses by designating authoritative name servers for each domain. Authoritative name servers are assigned to be responsible for their particular domains, and in turn can assign other authoritative name servers for their sub-domains. This mechanism has made the DNS distributed and fault tolerant and has helped avoid the need for a single central register to be continually consulted and updated.
The DNS can store or cache the mapping of domain names to IP addresses in DNS records. Moreover, the DNS can store or cache reversed DNS records, which map IP addresses to the domain names to which the IP addresses belong. The mapping between domain name and IP addresses may not necessarily be a one-to-one mapping, as one domain name can map to multiple IP addresses, and one IP address can map to multiple domain names. A reverse lookup is a query of the DNS for domain names when the IP address is known.
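The many-to-many mapping and the reverse lookup described above can be shown with a small in-memory table. This is an added example, not part of the original text; the host names and addresses in `FORWARD` are constructed sample records, and the function names are hypothetical.

```python
import ipaddress
from collections import defaultdict

# Constructed sample records (documentation address ranges), not real DNS data.
# One name maps to several addresses, and one address serves several names.
FORWARD = {
    "www.example.com": ["192.0.2.10", "2001:db8::10"],
    "shop.example.com": ["192.0.2.10"],
    "mail.example.com": ["192.0.2.25"],
}

def build_reverse(forward):
    """Derive the address -> names mapping from name -> addresses records."""
    reverse = defaultdict(set)
    for name, addrs in forward.items():
        for addr in addrs:
            # Parse the text so different spellings of one address share a key.
            reverse[ipaddress.ip_address(addr)].add(name)
    return reverse

def reverse_lookup(reverse, addr):
    """Return (reverse-lookup query name, sorted names known for addr)."""
    ip = ipaddress.ip_address(addr)
    # reverse_pointer is the name a resolver queries for a reverse lookup:
    # reversed octets under in-addr.arpa, reversed nibbles under ip6.arpa.
    return ip.reverse_pointer, sorted(reverse.get(ip, ()))

if __name__ == "__main__":
    table = build_reverse(FORWARD)
    for address in ("192.0.2.10", "2001:0db8:0:0:0:0:0:10", "192.0.2.99"):
        print(address, reverse_lookup(table, address))
```
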
Currently, most IP addresses used in the DNS follow the Internet Protocol version 4 (IPv4), which uses IP addresses that are 32 bits (4 bytes) long. However, the growth of the Internet has created a need for more addresses than are possible with IPv4. Therefore, a new Internet Protocol, IPv6, uses 128-bit (16 bytes) addresses, for an address space of 2^128 (approximately 3.4×10^38) addresses. By switching to IPv6, a much larger address space will be available for addresses. In IPv6, 64 bits may be used for the address of a domain name, and 64 bits can be an “interface ID,” which can be used in any way.
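The 64/64 split of an IPv6 address can be made concrete by separating the upper 64 bits from the interface ID and recombining them. This is an added example, not part of the original text; the function names are hypothetical, and the address used in the demo is the IPv6 address quoted earlier for www.example.com.

```python
import ipaddress

MASK64 = (1 << 64) - 1

def split_ipv6(addr):
    """Return (upper 64 bits, 64-bit interface ID) of an IPv6 address as integers."""
    value = int(ipaddress.IPv6Address(addr))  # raises ValueError on bad input
    return value >> 64, value & MASK64

def join_ipv6(prefix, interface_id):
    """Rebuild an address from its two 64-bit halves."""
    if not (0 <= prefix <= MASK64 and 0 <= interface_id <= MASK64):
        raise ValueError("each half must fit in 64 bits")
    return ipaddress.IPv6Address((prefix << 64) | interface_id)

def address_space(bits):
    """Number of distinct addresses for a given address length in bits."""
    return 1 << bits

if __name__ == "__main__":
    prefix, iid = split_ipv6("2620:0:2d0:200::10")
    print(f"prefix       = {prefix:016x}")
    print(f"interface ID = {iid:016x}")
    # The interface ID can be replaced freely while the upper half is unchanged.
    print(join_ipv6(prefix, 0xDEADBEEF))
    print(f"IPv4: {address_space(32)} addresses, IPv6: {address_space(128):.1e}")
```
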
Asymmetric cryptographic keys are used in cryptography for authentication and content verification. Asymmetric cryptographic keys can be binary data of a predefined length, such as 2 kilobytes. To make identification of the asymmetric cryptographic keys easier for humans, a subset of the binary data, known as a fingerprint, can be extracted using an algorithm predefined for the given key type. For example, 16 bytes may be extracted as a fingerprint of a 2 kilobyte number. By using an algorithm that is predefined for the given asymmetric cryptographic key, the fingerprint generated for an asymmetric cryptographic key may always be the same. The subset of the binary data of an asymmetric cryptographic key can practically be unique.
When using an online service, a user may need to enter information related to the user. Examples of information that the service may need to know can include the user's bank account(s), the currency that the user accepts, the languages that the user speaks, the user's email address(es), the user's shoe size, etc.
The information provided by the user can generally be stored in a database for the service. However, storing the information in this manner can be inefficient, as each service used by a user stores the data, resulting in the duplication of data if multiple services need the same information. Moreover, the user may have to re-enter the information for each service used by the user.
There have been many approaches to creating an online system which can reliably map information entered by a user to a unique and secure identification for the user, such that the user does not have to re-enter the information for each service and to save storage space for the services. These approaches include single-sign-on account extensions, information formats (e.g., V-card), .name top-level domain (TLD), and RFID-based solutions. However, none of the current approaches are widely accepted or adopted. Moreover, these approaches may require additions to existing technologies, may be impractical to implement, may be expensive, or may require a physical device.